package com.study.springsecurity.security.voters;

import org.springframework.security.access.AccessDecisionVoter;
import org.springframework.security.access.ConfigAttribute;
import org.springframework.security.core.Authentication;

import java.util.Collection;

public class NoAnnotationVoter implements AccessDecisionVoter<Object> {
 
    @Override
    public boolean supports(ConfigAttribute attribute) {
        // 如果接口上没有配置任何权限注解，则支持此类属性
        return attribute.getAttribute() == null || attribute.getAttribute().isEmpty();
    }
 
    @Override
    public boolean supports(Class<?> clazz) {
        // 对所有类的访问决策都支持
        return true;
    }
 
    @Override
    public int vote(Authentication authentication, Object object, Collection<ConfigAttribute> attributes) {
        if (attributes.isEmpty()) {
            // 如果没有配置任何权限注解，拒绝访问
            return AccessDecisionVoter.ACCESS_DENIED;
        }
        // 如果有权限注解，则允许访问
        return AccessDecisionVoter.ACCESS_GRANTED;
    }
}